2. ACID Database Transactions:
a. Database transactions should be atomic and therefore ensuring all the required data has been saved to the database.
b. Control should be enforced over transaction isolation levels (Serializable, Repeatable Reads and Read committed ... etc) and therefore avoiding dirty reads.

3. Separation of Concerns (Architecture Tiers):
a. Clear architecture tiers should exist with different responsibilities to make the system easy to maintain and decreasing technical debt.
b. Checking no responsibility leak exists either across different architecture tiers within a single code base (backend/frontend)
c. Dependencies between different tiers should be mapped to abstract classes or interfaces not concrete ones, thus making it easy to control dependencies using IOC Containers.

5. Database Migrations:
a. Clear database migration steps should exist not SQL scripts.
b. At some version of the application deployment, you should be able to check at which step the database has been updated, in the existence of migrations, you can simply check the migrations history table.
c. Only newly added migration steps should be run at the deployment time.

6. API Design:
a. Checking how input validations are handled.
b. Checking how business logic validations are handled.
c. Checking if the APIs built for Mobile First design.

9. Exception Monitoring:
a. Checking the existing real-time exception monitoring and alerting mechanism that reflects runtime errors happening on production in real-time and details about these errors such as exception time, frequency and stack trace.

10. Deployments:
a. Checking the current deployment pipeline from development to production.
b. Checking configuration management and versioning mechanisms used during the development lifecycle.